Identity theft is such an important topic that the Justice Department has an entire information resource devoted to identity theft statistics. When you’re concerned about your identity, and how it might impact your credit, it can make sense to consider paying for a credit monitoring service.

What Does a Credit Monitoring Service Do?

A credit monitoring service basically scans your credit report regularly and makes an attempt to identify red flags that indicate your identity has been stolen. When a new account is opened, or when someone checks your credit, you are notified.

While credit monitoring won’t stop your information from being stolen by hackers or through something like the Heartbleed vulnerability, it can provide you with immediate information that you can act on quickly. When it comes to heading off identity thieves and limiting damage, the faster you act, the better off you’ll be.

There are also more advanced credit monitoring services that go beyond just your credit report. More advanced identity monitoring services actually keep an eye on your public records, and make it a point to even use algorithms to check through black market sites and look for other unusual activity that might indicate your identity has been compromised.

A credit monitoring service can help you keep tabs on your information, providing peace of mind.

Can You Monitor Your Credit Yourself?

Of course, a credit monitoring service isn’t going to do anything for you that you can’t do on your own. It’s possible for you to keep tabs on your situation for less than it costs to pay for credit monitoring.

It’s also possible to do your own public records search and watch for suspicious activity on your bank and credit card statements — and even your investment statements.

However, all of this takes time and effort. Yes, you can do it yourself, but you can’t be watching all the time. If you check in once a month with your accounts, and even if you use various tools to protect you against identity theft, you could still miss something. And, if you only check in once a month, you might miss a red flag that pops up a day or two after you last checked. That gives the thief almost a month’s head start on you.

In most cases, though, if you report fraudulent charges on credit cards (the rules are different for debit cards) within 60 days, you won’t be liable for most of the charge. But it can be a real pain to deal with during that time.

The point of a credit monitoring service is that it provides immediacy, while taking the bulk of the legwork off of you. While a service can certainly miss something, it is less likely to miss something than you are. Additionally, there are services that provide an immediate alert when a new account is opened, or when some other action takes place. This can help you get on top of the situation immediately.

Most people who sign up for credit monitoring services do it for the peace of mind, and to get a break from some of the workload. Whether or not a credit monitoring service makes sense for you depends on how concerned you are about identity theft, and how much time you have to complete the due diligence that is required to properly monitor your own credit.

By now, you’ve probably heard about Heartbleed, the security vulnerability that affects more than 66 percent of the sites on the Internet. Heartbleed is a vulnerability in the OpenSSL software that is popular for web site encryption.

While it’s tempting to swear off the Internet forever, that’s probably not a viable option. Instead, it makes more sense to be careful about how you use the Internet, and take steps to protect your information and your identity. Here’s what to do if you are concerned about Heartbleed:

Don’t Panic

First of all, don’t panic. The Heartbleed vulnerability only allows someone to grab 64k of data at a time. But here’s the thing: It’s only random data. The person exploiting Heartbleed can’t choose which data to grab. Of course, different data can be grabbed from the server over and over again, and the exploiter is bound to come up with something “good” at some point.

From the NSA to hackers, the Heartbleed vulnerability has been available for more than two years. While some of your information might be out there, and your identity might be compromised, you don’t want to over react. Take a step back, avoid panicking and move forward.

Find Out Which Sites are Vulnerable

Next, you need to figure out which sites are vulnerable to Heartbleed. A number of sites have already fixed the problem, so it might not be an issue. Unfortunately, you can’t rely on the old methods of determining web site security to find out if there is a Heartbleed problem.

The good news is that there are lists and web apps that can help you check for Heartbleed vulnerability, letting you know if something needs to change. You can also read this helpful guide from IT World, which takes you beyond the lists and apps, which might not always be completely accurate.

You can also install a plug-in from Chrome or Firefox to help you identify sites vulnerable to Heartbleed as you surf.

Find out which of your heavily used sites are vulnerable, and then go from there.

Password Rotation

You will need to change your passwords on sites that are vulnerable to Heartbleed. However, realize that this doesn’t do you much good until after the site has updated its OpenSSL to reflect the fix. Until the site itself has updated, changing the password won’t help much.

Once the site is updated, you need to change your password. One of the best things you can do is to use different passwords for each site. This is because many hackers know that consumers often use the same username/password combo on multiple sites. Cracking one could open up your entire life. Don’t let that happen.

Good password practice is to choose a different password for each site. If you don’t want to try to keep track of them all, identity theft tools like password managers can help you keep different passwords without having to memorize them all, or hunt them up on a piece of paper.

In any case, you should rotate your passwords regularly, at least every six months, for maximum security and identity protection. Even without Heartbleed threatening your identity, you should pay attention to your passwords and change them regularly.

Keep Tabs on Your Credit Report

Finally, make sure that you keep tabs on your credit report in order to catch potential identity theft. This is a good idea anyway. Watching your credit report can send up red flags if your identity has been stolen and someone is opening fraudulent accounts.

You can keep watch on your credit situation with the help of free resources, as well as paid resources that can monitor your credit for you, and send regular reports.

You should be concerned about Heartbleed, and you should pay attention. However, you shouldn’t panic. Take appropriate steps to safeguard your information, and focus on good password practices, and you should be able to weather the storm.

Last week, I was on vacation with my son in San Diego. We had to go to the mall to replace the recharging cord for my phone. While we were on our way back to the hotel, a young activist approached us, looking for a donation to his cause. I agree with his cause, so I was on board with making a one-time donation with my credit card.

Things changed, though, as I started filling out the form he provided. When I got to the payment part, I was expected to enter write out my credit card number and expiration date.

I asked if there was another way to pay. While I don’t doubt the activist’s furor, and I think he would probably do what he could to protect this sensitive financial information, I just didn’t feel comfortable writing out my credit card number on a form at a mall fundraiser. I felt bad that I had started to fill out the form before reading everything through, and I felt bad I wasn’t going to be providing a donation after all.

But providing that information on a random form, with the opportunity for theft at any turn, just didn’t appeal to me. I probably spend too much time writing about money, credit, and identity theft.

However, activists and others don’t have to rely on people being willing to share their credit card details. From small business owners to independent artists to just about anyone else, it’s easy to transfer money without the need for a lot of personal financial details.

Alternatives to Sharing Your Credit Card Number

There are plenty of options when you have a smartphone. Card reading apps like Square and PayAnywhere are increasingly common, and you can get the card reader for free without too much trouble. A customer can swipe the card, choose whether or not to pay a tip, and move on. It’s quick and easy, and your data remains safer than if you write out your credit card number on an unsecure form.

When I mentioned Square to the activist, he said that many of the people working for the cause couldn’t afford smart phones. While that is a setback in terms using a card reader setup, the reality is that Square isn’t the only option.

There are person-to-person payment options these days, like PopMoney. If you accept payment via these types of service providers, you don’t have to ask for personal information; just have the person paying send you the money via text. No smartphone needed.

It’s also possible to facilitate these types of transactions with the help of PayPal, Dwolla, and other similar systems. Once, at an art festival, I bought something from a local artist, and I paid for it with PayPal. It was quick, easy, and there was no need for me to write down my credit card information.

With money increasingly digital, there are a number of ways to protect your credit card number and still pay for just about anything. While I sympathize with the activist’s cause, I wasn’t about to expose my personal financial information in that way. There are plenty of other options that don’t cost much, and that can make things convenient for everyone – and reach customers and donors in a way that allows them to remain comfortable with the transaction.

You can’t be too careful with your financial information. Just as you may not be comfortable with providing your Social Security number to others, you may not feel comfortable providing your credit card information. If you are worried about the situation, don’t give up the information.

And, small businesses and activists can help out, too. There are a number of alternatives to asking people to write down their credit card information. If my school’s PTA can get on board with these alternatives, I’d think young, tech-savvy activists could as well.

Catch Identity Theft

When your identity is stolen, the fraudster is likely to use your information to open new accounts. These fraudulent accounts will appear in your credit report.

If you want to catch identity theft early on, you need to regularly check your credit report. You can get help in that area by going to AnnualCreditReport.com for the free report you are entitled to each year from each of the major credit reporting agencies.

Go through the information in the report, keeping an eye out for accounts that you know you didn’t open. If you see accounts that aren’t yours, you need to let the credit reporting agencies know. Call them, and then follow up in writing.

It might be necessary to place a credit freeze on your account if you are concerned that it could happen again. With a credit freeze on your account, you will be notified before a new account can be opened using your information. That can prevent another situation in which your identity is stolen and used to open credit in your name.

You might just red-flag your account as well, instead of placing an all-out freeze on the account. With the red flag, lenders are supposed to take extra steps to ensure your identity before opening an account in your name. It doesn’t always work as effectively as a credit freeze, though.

Even if you place a freeze on your account or have it red flagged, it still makes sense to keep tabs on what’s happening with your account. The good news is that there are plenty of web sites where you can keep tabs on your credit for free. While it’s not the same as looking at a full credit report, it can still be helpful, since you can usually see when something new pops up, and identify changes to the situation.

Your credit report is your first line of defense when you want to catch identity theft early on. Regular attempts to keep tabs on your report, and what’s in it, will allow you to identify problems quickly and move to take care of them.

Fraudulent Charges: Check Your Account Statements

While you do want to check your credit report regularly in order to identify fraudulent accounts, you also need to keep up with your account statements to make sure that you can see fraudulent charges.

While your credit report can help you catch identity theft as it relates to new, fraudulent accounts, it won’t provide you with information on fraudulent charges. For that, you need to check your accounts regularly. Go through your bank and credit card account statements on a regular basis so that you can see what’s happening with your purchases.

Sometimes, instead of opening a new account in your name, an identity thief will just take information about your credit cards and make purchases with that information. You will want to catch that type of identity theft early on and dispute the charges. If you catch it early enough, you can get your zero liability fraud protection in full, and avoid being responsible for the charges.

Bottom Line

Your credit can be an indicator that your identity is being tampered with. You need to keep track of what is happening with your credit, and be sure that you are on top of the situation. Check your credit report every three or four months to see if there are fraudulent accounts. Check your account statements each month for fraudulent charges. You can even use the Internet to check your account charges more frequently, if it makes sense for you.

There is no way to completely prevent identity fraud; it is only with vigilance that you can expect to catch identity theft.